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(g) Document copy authentication. 

@ A system for authenticating a hard copy <^ an 
original document (20). The system employs a 
special copying machine (25) at the sender's 
end together witii a special ID card (smart card 
(30)) or other user identiftcatkin for activating 
the special nnachine (25). and a special copying 
machine at the receiving end. At the sender's 
station, the original document and ID card are 
inserted into the machoie (25). The latter digi- 
tizes the document text, to prcKluce a digital 
signature which incorporates unique infor- 
mation from the sender's ID card. This machine 
(25) then produces a hard c(^y (35) of the 
document to which is added the digital signat- 
ure (36). The sender retains the original, but 
forwards the copy to the rectpent or receiver. 

The receiver then irtserts the received copy 
into the machine (25) at his iocatton. which 
digitizes and (M-ocesses the document text and 
signature and indica^ whether the digital sig- 
nature is valkl. Preferably a dual key authentK 
catk)n system is used, with the digital signature 
incorporating the sender's secret signing key, 
and the receiver usir^ the related public key in 
the valkJation process. 




25 



30. 



XEROX StQND«3 



JohnDo«*i 
BMAITTCAnD 



SIGNED 
OOCUMEMT 




XEROX StGNtNO 
COPEB 



FIG. 2 



otcnxLiy 

CLEAMED 
DOCUMEKT 



0. 



1 



EP 0 547 837 A2 



2 



The present invention relates to a system for 
making and authenticating a copy of an original docu- 
,;nent 

It is known how to authenticate original docu- 
ments using a digital signature. The latter provides a 5 
unique pattern based on the digrtized docun^ent text 
and a unique signing key (or seaet key) of the docu- 
ment creator. When the original with attached digital 
signature is transmitted (electronically or as a hard 
copy) to a third party, the latter through digitizing and io 
processing of the received document and digital sig- 
nature can determine whether the document is gen- 
uine. 

Ways of providing digital signatures of original 
documents are described in USPs 4.881.264; is 
4.309,569; 4.625.076; 4.656.474, and other related 
patents, whose contents are hereby incorporated by 
reference. The digital signature, in effect. Is an encod- 
ed version of the entire document, reduced to a^ 
ni unique marking added as a seal to the original docu- 20 
j I ment If the original document or its signature Is modi- 
fied in any way; the alterations will be detected when 
the document and signature are checked with the ap- 
propriate decoding key* 

^ The first of the above-described patents de- 25 
scribes adual-keyorpublickey cryptosystemfbrgen- 
erating a digital signature of a document In this sys-- 
tern, the originator or creator uses a private or secret 
signing key for processing the document by a partic- 
ular algorithm to generate a "signature" represented 30 
\bya sequence of bits ranging from several hundred 
to several thousand depending upon the particular 
system used and the level of security desired. The te^ 
ceiver of the d^rtal signature would possess or be giv- 
en a checking or public key. nrathematically related to 35 
the signing key, which can be used to process the 
document through a related algorithm to determine 
whether the received document was indeed generat- 
ed with the authentic signing key of the creator. If the 
contents of the document are to be kept secret then 40 
it can t>e separately encoded and decoded by one of 
many known encoding and encryption.schemes. 

One company has described a so-called time 
stamp seal (akin to a notary seal) representing a d^ 
ita! signature of the document plus a tinte stamp to 45 
mark the time when the document was receh^ed and 
the digital signature recorded. USP 5,001J52 de^ 
scribes in detaS another verston of a tin>e notarization 
system. 

Another company emphasizes the public key so 
cryptography system as a way of achieving a tamper- 
proof digital stgnahjre that can be used to establish 
the authenticity of electronic mafl messages. 

USP 4.650.975 describes a scheme for authenti- 
cation of an identifying IC card employing a personal 55 
identification number (PIN) for checking the vaikJity of 
a card holder using a Data Encryption Standard 
(OES). 



The emphasis in the art has been the authentJ- 
catton of original documents or electronic mail me? 
sages: There is a much greater need, however, "for a 
reliable scheme to authenticate a hard copy of an 
ordinal document The various schenr>es described 
above applicable to original documents would not ap- 
ply to a copy of the document or at least would not 
leave a recewer of such a copy with a high level of 
confidence that the copy In his possession Is, in fact 
an exact duplicate of some original document located 
at a distant place. 

A major object of the invention is a system for 
rnaking or authenticating a. hard copy of an ordinal 
document Authenticating a copy nieans verifying 
that the copy currently in the possesston of the re- 
ceiver is in fact identical to an original document from 
which the copy was prepared. 

This is achieved, in accordance with one aspect 
of the inventton. by making a copy of the original 
docuntent on a copying machine that also generates 
from the original a digital signature that is affixed to 
the copy, constituting a digitally signed copy of the 
original document The digital Informatkm can be in 
human-readable or encrypted form. 

In accordance with another aspect of the present 
invention, in order to guarantee that the supplier of 
the original document authorized the making of the 
signed copy. Wentifying information unique to the 
supplier may be required before the copying machine 
makes the signed copy. 

In a preferred embodinr>ent a special key known 
only to the signer or docunnent originator is used to 
generate the signed copy. Asecond special key need- 
ed to check the signed copy can be included in the 
signed copy. 

In accordance with a fiirther aspect of the inven- 
tion, a time stamp can also be Included in the digital 
signature. 

The thus-produced signed copy can then be for- 
warded by any means and by any person to a receiver 
at a locatton, usually distant, where the receiver need 
have no access to the original dbcun^ent 

The receh^er then processes the signed copy 
through a simSar copying machine that has the capa- 
bility of storing the unique identifying information of 
the sender, or of deriving from the signed copy, if in- 
corporated therein, the unique klentifying informa- 
tion or related information, such as a checking key as 
previously described. The resultant processing pro- 
vides an indication of whether the receh^ed copy is an . 
authentic.copy of the original. The indication couW be 
as simple as a Boolean output on the machine indi- 
cating the processed document Is valid or invalid; Al- 
ternatively, a message can be displayed on the ma- 
chine or affixed to a digitally cleaned copy of the sign- 
ed document that would indicate that the cleaned 
copy looks like an original document that was copied 
by a named individual at a certain tinte and date. 
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In accordance with one aspect of the invention 
there is provided a system for authenticating hard 
copies of original documents comprising (a) a copying 
machine, said copying machine including, 

(i) means for receiving from an entity an original 5 
document, 

(ii) means for generating a digital signature from 
a document, 

(iii) nr^eans for receiving information uniquely 
identifying the'entitysupplyingtheoriginai'doco- — io- 

ment. 

(fv) means for incorporating in the d^ital signa- 
tyre information representative of the entity's 
identification, 

(v) means for producing a signed document first is 

copy Incorporating the digital signature* 

In one embodiment the first copy produced by 

means of (a) (v) is an encrypted copy of the original 

document 

The digital signature may In differing embodi- 20 
ments be either visible or Invlsit>l6. 

The present Invention will be described further, 
byway of example, with reference to the accompany- 
ing drawings, in which:- 

Figs. 1 A and 1 B are schematic views of examples 2$ 
of document authentication schemes, some fea- 
tures of which may be used in the system of the 
. invention; 
Fig. 2 is a schematic view illustrating operation of 
the system in accordance with one embodenent 30 
of the invention; and 

Fig. 3 is a block diagram of a copying machine 
usable in a system in accordance with one enr>- 
bodiment of the invention. 

Information integrity has t>een a persistent chal- 3$ 
lenge now for several decades. For exantple, in trans- 
mitting digital information, a checksum based on a 
computation of the digital Information in accordance 
with.some arbitrary algorithm could be added at the 
( end of the transmission. The receiver of the digital 40 
.^ata would perform the same computatk>n and then 
'otfnpare its computed checksum to that included in 
the transmitted data Any discrepancy indicates that 
the received data is not an exact replica of the trans- 
mitted data. 45 

Any document can be digitized in any of several 
known ways. For instance, if the document is wholly 
of text it can be converted to a stream of ASCII codes 
and subsequently digitized. If. instead, non-standard 
textu£d symbols are used, or non-textual, or graphical so 
information is present in the document, the document 
can be digitized by known scanning processes based 
on black^^ite or dark/tight b'ansitions. That stream of 
digital information representing the document con- 
tents can be subjected to a checksum, hashing or sirrv 55 
itar algorithm or function whose output would then 
represent the actual full contents of the document 
Similarly, digital Infbrmatton can be encoded and dig- 



itally signed. Both the digital Information and the dig- 
ital signature can then be encoded and printed onto 
a sheet of paper. The information encoded and print- 
ed onto the paper can include; for example: descrip- 
tion of what is printed on the document (allowing ver- 
ification of document content); descriptions of the 
physical nature of the document (allowing controlled 
copying and distribution of the document); or descrip- 
tions of programs that are to be loaded into and exe- 
cuted by the'mdchine7eading*the'documerit(wli~eth^er~ 
that machine be a FAX, copter, scanner, etc.). 

These efforts have been focussed on establish- 
ing the authenticity of original information or data. For 
example, adding a digital signature to an original 
document can be used to authenticate the original. 

Encryption is another technique for assuring in- 
tegrity of transmitted information, often used nowa- 
days for secure electronic transmission of data or for 
E-mail. Many encryption schemes are known and are 
used today. One of the more popular schemes uses 
the dual public/private key system. Rgs. 1Aand 1B il- 
lustrate how such a system could be employed to ver- 
ify the authenticity of an original document, such as 
a check or lOU. 

Referring now to Figs. 1 A and 1 B. in the process 
illustrated in Fig. 1A, a document 10, which may be, 
for instance, an lOU for $1,000, is created as an orig- 
inal document The document 1 0 is then scanned and 
digitized together with a secret signing key pos- 
sessed only by the creator of the document After be- 
ing processed by one of many well known signing al- 
gorithms indicated at 11, the result is a digital signa- 
ture which can be incorporated with the document or 
as part of the original document 10. The original docu- 
ment 10 with the digital signature is indicated at 12, 
separate from or included as part of the document 1 0. 
The latter can then be transmitted to a third party who 
would possess a public checking key counterpart to 
the secret signing key as part of this known dual key 
security scheme. The document would again be scan- 
ned and digitized, and the digital signature 12 togeth- 
er with the public checking key processed via a 
checking algorithm 13. This algorithm, of which again 
a number are known, would determine whether or not 
the digital signature received corresponds to that ob- 
tained directly from the original document and that 
the keys used by the creator and by the third party 
or user properly match in accordance with the check- 
ing algorithm. The output of t he checking algorithm is 
a single bit, indicating that the signature is valid or in- 
valid. In an actual embodiment, the output indicating 
an invalid signature could be a red light, or some other 
dearly visible indicator that the signature failed the 
validation check. 

Rg. IB shows a similar scheme but in this case 
the document 10 has been altered 10' by changing 
the amount of nf>oney listed on it When processed as 
the original unaltered document 10, the cheddng a^ 



5 



EP0 547 837 A2 



6. 



gorithm would indicate a discrepancy in the document 
or in the documenf s source with an appropriate mes- 
sage as indicated at 15 in Fig. 1B. 

To the be^ of our knowledge, there does not exist 
a way of providing to a third party a hard copy of an 5 
original document and proving that that hard copy is 
in fact an exact copy of an original document which 
exists at sorne other location. This is prectsely where 
the invention of the presient case comes into play. 

Fig. 2 illustrates schen^tically the operation of a io 
preferred form of the system of the invention for au- 
thenticating hard copies of documents. In this prefer- 
red embodiment, an original document 20 is placed on 
a special machine 25 referred to herein as a signing 
copying machine or copier. While hereinafter will be is 
disclosed an example of the system contents of a 
signing copter that can be used in the invention^ it will . 
be understood that the exact manner by which the 
signing copier makes copies of documents, or gener- 
ates digital signatures of documents is not critical to 20 
the Invention as any of the known copying and digi- 
tizing schemes can be used for this purpose. 

In this particular case, the signing copier 25 has 
the ability of not only executing a normal copying 
function and producing or butputting a hard copy of 25 
the original document 20, but in addition It has the 
ability to digitize the document and generate a digital 
signature of that document in the manner as previ- 
ously described. That digital signature of the docu- 
ment includes every significant piece of information 30 
on the document, as well as informatk>n that is unique 
to the signer, which may be a person or a group, such 
as a secret signing key. 

In addition, the signing copier 25 can include the 
further feature that it has the capability of verifying 35 
the identity of the person or entity that supplies the 
document to the s^nfng copier. In this particular 
case, we assume that the possessor of the.document 
20 is a person named "John Doe*. John Doe has a 
stmri card with which he can activate the signing 40 
copier 25. The smart card can be one of many differ- 
ent kinds of well known articles which can be inserted 
into a slot in the signing copier, which in turn would 
read certain data on the card representing the iden- 
tity of that owner to be incorporated in the digital sig- 4S 
nature that is prepared from the original document 20. 
John Doe's secret key can be included in his smart 
card, as well as the signing algorithm and his public 
key. Alternatively, the signing algorithm can be in- 
cluded in the signing copier 25^ so 

That digital s^nature which now includes the 
identification of the document supplier John Doe is 
now affixed 36 to the hard copy produced by the sign- 
ing copier machine 25. That hard copy, designated 
35, is a" •'signed document", meaning a docurrtent 55 

hich has on it in visible or invisible form a digital sig- 
nature 36 of the document contents together with an 
Identification of the supplier or creator. Moreover, the 



original document 20 can be in human readable form, 
or encrypted for seaecy, in which case the signed 
document 35 would also t>e in human-readable or en- 
crypted form. 

The signed docunr^ent 35 or hard copy can then 
be forwarded 31 by any known means to a third party, 
such as by hand delivery, or by use of one of the post- 
al or other delivery services. That signed document 
35 when received by the third party is again process- 
ed through a s&nilar signing copier nrachine 25. What 
the signing copier machine 25 would do with the sign- 
ed document 35 Is essentially to digitize the contents, 
and check the digital signature 36. 

Adigital signature, by its very nature, requires the. 
signer to have for validation a pubjic checking key that 
is mathemattealty related to his private key. The sign* 
Ing copier would obtain, by any one of several means 
know and described in the literature, a valid copy of 
the signer's public checking key. As an exanipte. but 
in no way the only possible method, the signer's pub- 
lic checking key and a •certificate*' for the signer's 
public checking key could both be included in the 
original document In computer readable form. The 
signing copier 25 would read both the certificate and 
the public checkirig key and would validate the cer- 
tificate and publk: checking key using a well known 
Public Checking Key (which can be owned by the cop- 
ier manufacture^. Having validated the public check- 
ing key of the signer, the digital signature of the signer 
and the validity of the digital informatfon signed by 
the signer could then be checked. 

Atternativety, the public checking key of the par- 
ticular signer could be made pubfldy available, as in 
a do-ectory or the like, and accessed by the signing 
copier 25. 

The output from the second signing copier used 
by the t h^d party would typically be a digitally cleaned 
document 40. meanbig a hard copy of the original 
document 20 free of any physical dirt or image fuzzi- 
ness introduced during , handling and processing of 
the original or signed document This is readfly ac- 
complished because the informiation needed to dean 
the copy and restore the original was digitally encod- 
ed on t he copy and t hus t he signing copier can readily 
determine what the original document actually looked 
like. In addition, there can be imprinted on the digitally 
deaned document 40 by the signing copier a mes- 
sage indicating that the d'^itally deaned document 
40 looks like an original document that at a certain 
time and on a certain date was copied on a signing 
copier machine with the aiithorizatfon of John Doe. 
Alternatively, the message can be omitted from the 
document and instead displayed on the machine. The 
machine could be readily programmed not to make 
hard copies of signed documents unless they have 
been properly verified in accordance with the inven- 
tion. In this latter case, third parties or users would 
know that any copy produced by such a machine from 
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a signed document is identical to an original signed 
docuntent at some other location. 

As mentioned previously, there are many known 
ways by which the various functions descnt)ed above 
can be implemented, and the invention is not limited s 
to the specif ic means by which the digitization, opti- 
ca) copying, comparison systen^, and other verifying 
features are impienwnted. Fig. 3 shows schematically 
one relatively simple machine 25 which would have a 
spKacfe."sayronnop'for7ec'elvihjg~aidoC^^ iO~ 
may be an original document 20 or a signed document 
35, a keyboard 50 for keying in appropriate com- 
mands or instructions to the machine where neces- 
sary, and a conventional card input device 51 through . 
which an identifier object, such as a smart card, can is 
be passed from which infomnation concerning the se- 
cret signing key and other information can be verified 
by conventional means indicated in Fig. 3 by block 52. 
The signing copier 25 would have the usual optical 
copying means 54 which would be capable of making . 20 
a copy of a document. That copy couid be a literal 
copy of the document The exact form is not important 
to the invention. The processing is controlled by a 
conventional programmable processor 55 which, for 
simplicity, is not shown connected to, for example, the 25 
keyboard 50 or the card input device 51 , or the ID veri- 
fier 52, or the other modules employed in the ma- 
chine. The means to accomplish this would be obvi- 
ous to one of average skill in the art The signing cop- 
ier would also possess a conventional scanner so that so 
it would be capable of digitizing the information pres- 
ent on the docuPDent indicated at block 56. It could at 
the sarhe time, optionally, encrypt at block 57 the 
document contents. It could also have present at 60 
a device which keeps track of the current date and 35 
time of day which information can be retrieved and . 
used whenever desired. 

The signing machine 25 illustrated in Fig. 3 is ca- 
pable of carrying out t>oth sets of functions indicated 
in Ftg. 2 in which it can produce not only the signed 40 
. document 35 but also the digitally cleaned document 
40 which has been authenticated. Thus some of the 
n^odules indicated in Rg. 3 would only be used at the 
sending end when t he original document is hard cop- 
ied, whereas other modules would be used at the re- 45 
ceiving end where the digitally cleaned and authenti- 
cated hard copy of the signed document is produced. 
Alternatively, two different nnachines could be provki- 
ed, one just for aeating signed documents at the 
sending end, and the other at the receh/ing end for so 
verifying the authenticity of a signed document and 
producing a digitally cleaned docuntent 

Continuing with the descriptk)n, at block 62 the 
resultant digital signature can be generated by proc^ 
essing with any known algorithm with the secret sign- S5 
ing key of the user to generate a digital signature 
which can be aff faced to the optical copy that has been 
made of the original document This merger of the 



optical copy with the digital s^nature occurs at block 
64. In addition, further information could be included 
in the digital signature, e.g., a time stamp which wouki 
indicate the date and the time when the signed docu* 
ment was produced. 

At the receiving end. the document 35 placed on 
the machine would be the signed document, and in 
this case the furiction of the machine would be to 
make sure that the digital signature that appeared on 
~ the'sig ncKJiJb'cumen^^ 

described, the copying machine must obtain a valid 
copy of the signer's public checking key. 

After the digital signatures have been checked at 
btock 66 will determine the next stage in the process- 
ing. There are a number of possibilities here. For ex- 
ample, if the digital signature is not valid, then the ma- 
chine Is readily programmed not to copy it, and to dis- 
play on the machine a message saying that the hard 
copy originally presented to the ntachine has not 
been authenticated. 

On the other hand, where the digital signature 
checks, and the original supplier was authorized, 
then the machine could display a message 68 indicat- 
ing that a hard copy produced by the machine is iden- 
tical to one that was presented to a similar machine 
at a certain time and date. For instarice, the n^ssage 
could read This document (meaning the Cfutputted 
digitally cleaned copy 40) was submitted for copying 
by John Doe on May 9, 1991 at 1:55:35 p.m. When it 
was submitted, it looked tike the herewith supplied 
copy. * Alternatively, the nnessage can be put on the 
document itself. As a further alternative, both forms 
of informing the third party user of the authenticity of 
the hard copy of the docunrient can be employed. 

Thus, in the system cif the invention, any user 
document can be supplied to the machine for authen- 
ticatton. The signed document contents can have dig- 
ital information encoded in it either In visit>le or invi* 
sibte form. Many users of such machines would be 
available whose authority- is readfly establehed by 
being issued a card which is authenticated by the ma- 
chine supplier. While a smart card is a preferred way 
of inputting the signer's secret signing key, in princi- 
ple, the keyboard 50 can also be employed to carry 
out the sanrie function by means of known password 
schemes. It would be possible though not essential 
for the signing copier machine nrtanufacturer to issue 
and authenticate the smart cards of the users. At the 
receiving end. the signed documents would be en- 
tered for verification and the signing copier would re- 
cover the digital information encoded in the docu- 
ment and verify the supplier or aeator. 

Sunmarizing the preferred embodinrtent, a digital 
signature system may be thoughtof as two functions: 

(i) signature = SIGN(document, signingKeyOfA), 
and 

(ii) valid = CHECK(document, signature, check- 
ingKeyOfA), where: 
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r "documenrmeansany sequence of bits; 

/ "sIgnlngKeyOfA" means secret informa- 

tion known by A which allows A (and nobody else) 
to generate valid signatures; 

"signature" is a sequence of bits generated s 
by the signing algorithm, with the number of bits 
ranging from a few hundred to a few thousand, 
depending on.t he specific system and the specif- 
ic security level involved in the application, as 
well as various performance tradeoffs; lo 

"checkingKeyOfA" is mathematically re- 
lated to the signingKeyOfA, where user A would 
generate both the signing key and the checking 
key, and the signing key would be kept secret, 
while the checking key would be made public; is 
The "valid" flag is a simple boolean, either TRUE 
or FALSE. If the signature for a given document was 
generated by signingKeyOfA. then the CHECK func- 
tion will return TRUE, indicating that everything is 
OK. tf the signature or document has been altered in 20 
any way, then the CHECK function will return FALSE, 
indicating that the signature is not valid. 

The following scenario is iiiustratlve of how such 
applications.could work and represents an algorithm 
describing a preferred form of the overall perfor- 25 
mance of the system: 

1) The customer prepares a document, such as a 
signed contract, and approaches the Signing 
Copier. 

2) The custonier inserts their "signing card " into 30 
the copier, and places the original on the glass. 

The copier digitizes and compresses the image, 
signs, the compressed iniage, and stores the 
signed compressed digital innage in a user incon- 
spicuous fashion on the resulting "copy" (actually 35 
a "signed original 

3) Further hard copies can now be made of the 
signed original, and as long as the image quality 
is not too degraded by repeated copying, the orig- 
inal digital information can be recovered from the 40 
copy and verified. 

4) The special signing copier machines would re- 
cover the digital information, restore the quality 
of the document and verify the authenticity of 

the document Other conventional copiers could. 4S 
lifmply copy the document 

5) The 'signed " nature of the document could be 
Indicated by using special ink or special hard-to- 
duplicate patterns. In this fashion, the fact that 
the document was signed would be readOy appa- 50 
rent on visual inspection. The physical nature of 
this user-obvious indicator does not affect the 
logical design of the system. 

6) This scenario assumes that a reasonable key 
authentication protocol is used by the copier. In 55 
particular, it assumes that the "signir^ cards" is- 
sued to customers can be appropriately authen- 
tk:ated by a suitable entity, such as the signing 



copier manufacturer or supplier. The simplest 
method of doing this would be to issue such 
"signing cards' directly from the machine suppli- 
er, charging sonrte modest price. The customer 
woukJ have to present documentation adequate 
to persuade the supplier that they were indeed 
who they claimed to be, after which they would 
be issued a signing card. The signing cards Is- 
sued by the supplier could be readily identified by 
any supplier's copier as authentic but it would be 
impossible for any non-supplier agency Oegitn 
mate or.otherwise) to issue a signing card that 
. any supplier's copier would think was authentic. 

7) The recipient of a signed copy could easily ver- 
ify that it was authentic by placing it in any Sign- 
ing Copier, which would verify the accuracy of the 
document 

8) Optionally, If desired, thei signed Information 
could describe some physical aspect of the piece 
of paper on which it appeared. In this way, it 

. would be impossible to make authenticated dupl^ 
cates. Known ways of doing this have been 
based on the pattern of fibers in the paper as a 
physically unique Identifier for that particular 
piece of paper. In this scenario the agent that 
deals with the customer might be thought of as a 
"notary public" who happens to be employed by 
the supplier. The signing card issued to the cus- 
tomer can be "tamper proof, " so that the custonv 
er is unable to access its contenta The signing 
card may have an onboard microymcessor and 
memory which implement the necessary algo- 
rithms. The possession by the customer of the 
signing card is evidence that the custonier is who 
they dalm to be. Further authentication might be 
required, e.g., the customer might also have to 
know a password, or the customer's fingerprint 
might t>e encoded in the signing card and verified 

. by the copier. The signing copier authenticates 
the signing card, and might perform further au- 
thentk^ation as needed (e.g., ask for a password 
or check the fingerprints). The copier wouW then 
be prepared to issued docunrtents that had been 
digitally signed by the customer. From a technical 
point of view, changing any bit at all in either the 
document or the signature wQI invalidate the sig- 
nature. If a single pixel is out of place in the inv 
age, the signature will be invalid. In practice, this 
means some form of error correcting code will al- 
most certainly be required if the digital infornrwi- . 
tion is stored on paper. Paper can have dirt 
grease, coffee, etc. spQIed on tt and unless the 
error correcting code is quit robust this would in- 
valkjate the signature. 

For more tnfbrn^tion on digital signatures and 
means for implementing same, reference is made 
also to Matyas "Digital Signatures - An Overvtew", 
Computer Networks 3(1979) pp. 87-94. particularly 
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Sect 3; and Upton et al "Making The Digital Signature 
Legal - And Safegua^ded^ Data Communications, 
February 1978. pp. 41-52, especiaOy pp. 44. 47. 

While the invention has been described and DIu- 
strated in connection with preferred embodiments, 
many variations and modifications as will be evident 
to those skilled in this art may be made therein with* 
out departing from the invention, and the inventbn as 
set forth in the appended datms is thus not to be lim- 
- ited-to-the-precise details-of-construction-set-forth- 
above as such variations and modifications are In- 
tended to be included within the scope of the append- 
ed claims. 



Claims 

1. A process for making an authentlcatable copy of 
an original document supplied by an entity, in- 
cluding making a hard copy of the original docu- 
ment and incorporating on the document a digital 
signature representing the document contents 
and the Identity of the said entity. 



document 

(iv) means for incorporating in the d^ltal sig- 
nature infornrtation representative of the enth 
t/s identification, 
5 (v) means for producing a »gned document 

first copy incorporating the digital signature. 

7. A system as claimed in claim 6, further compris- 
ing means for indicating whether the signed copy 
-10 is-authentic; 



8. A system as claimed in daim 7, further compris- 
ing means for making a second hard copy from 
the first copy when the signed copy is authentic. 

9. Asystem as daimed in daim 7 or daim 6, wherein 
the digital signatures incorporates information 
representative of a secret signing key owned by 
the entity. 

10. Asystem as daimed in daim 9, wherein the indi- 
cating means use a public key rr^thematically re- 
lated to the secret key. 
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2. A process as daimed in daim 1 . wherein the iden- 
tity of the said entity is represented by a secret 
signing key of a dual key authentication system. 



25 



A process as dairned in daim 2, wherein the 
document incorporates a public key that is math- 
ematically related to the secret signing key. 



so 



A process for validating the authenticity of a sign- 
ed copy of an original document supplied by an 
entity, said signed copy having been provided 35 
with a digital signature using a secret signing key 
supplied by the entity Induding 

(a) checking the digital signature of the signed 
copy using a public key mathematically relat- 
ed to the secret key, 40 

(b) Indicating whet her the signed copy is valid 
or invalid. 



5. A process as dain^ed in daim 4 wherein. 

(c) f the signed copy is valid, generating a 
hard copy of the signed copy but without a 
digital signature. 



45 



A system for authenticating hard copies of origi- 

nat documents comprising: so 

(a) a copying machine, said copying msh 
chine induding, 

(i) means for receiving from an entity an orig- 
inal document 

(it) means for generating a digital signature 55 
from a document 

(iii) means for recewing information uniquely 
identifying the entity supplying the original 
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FIG. 1 B 
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@ Document copy authenticatbn. 

@ A system for authenticating a hard copy of an 
ordinal document (20). The system employs a 
special copying nr^chine (25) at the sender's 
end tc^ether with a special ID card (smart card 
(30)) or other user identification for activating 
the spedal machine (25), and a special copying 
machine at the receiving end. At the sender's 
station, the original document and ID card are 
inserted into the machine (25). The tatter digi- 
tizes the document text, to produce a digital 
signature which incorporates unique infor- 
mation from tile sender's ID card. This machine 
(25) then produces a hard copy (35) of the 
document to which is added the digital signat- 
ure (36)* The sender retains the original, but 
forwards the copy to the recipent or receiver. 

The receiver then inserts the received copy 
into the machine (25) at his location, which 
. digitizes and processes the document text and 
signature and indicates whether tiie . digital sig- 
nature is valid. Preferably a dual key authenti- 
cation system Is used, with the digital signature 
Incorporating the sender's secret signing key. 
and ttie receiver uslr^ the related pubttc key in 
. the validation process. 
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